>> I would like to do this using FORWARD
>> example
>>
>> iptables -A FORWARD -s -m ! 00:0F:EA:91:04:08 -d 0.0.0.0/0 -p tcp --dport 3128 -j DROP
>>
>> I want to set this rule to avoid the computer being cloned.
>> I think using MAC & iptables I can solve this, right?
>
> What do you mean by "cloned"? It is trivial to spoof a MAC address.
> Also, the MAC address only matters per network segment, so this would
> only be useful when used for something that is behind your firewall
> being permitted out, or something that is directly on the external
> side of your firewall coming in. MAC addresses become completely
> irrelevant once traffic passes through a router.
>
> As for your syntax, that looks correct.
>
> ~Daniel
>
Yes, but it is not right; look at this.
That's another computer from my network:
ruter-deb:~$ telnet rh 3128
Trying rh...
Connected to rh
Escape character is '^]'.
The only computer that must be allowed to connect to rh on port 3128 is
ruter-deb1 (the one that is using the MAC given in the iptables rule).
Regards
--
-------------------------------------------------
Luis A. Rondon Paz
L I N U X .~. Admin intranet CNT
The Choice /V\ icq #132736035
of a GNU /( )\ itachi@cnt.uo.edu.cu
Generation ^^-^^ Santiago de cuba
UONET
-------------------------------------------------